[WARNING: Scam site]Found a site which is looks just like SF site, and we are also its members??

Discussion in 'Site Feedback' started by sweetpea, Apr 5, 2016.

  1. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    Due to you'r chosen career you have much more expertise wit this type issue than the average Joe... so if it is a database clone... what risks (if any) coud that pose to Sciforums members... an what actions (if any) do you thank Sciforums members shoud take???
     
  2. Guest Guest Advertisement



    to hide all adverts.
  3. krash661 [MK6] transitioning scifi to reality Valued Senior Member

    Messages:
    2,973
    anything that one submits-- i am telling everyone-- they have everything. i am saying this from the little experiments i have done with that site. but oh well, i have nothing on here that will hamper me in anyway.
    (LIM)--it will never matter since EVERYTHING is being transferred to it.
     
  4. Guest Guest Advertisement



    to hide all adverts.
  5. Dywyddyr Penguinaciously duckalicious. Valued Senior Member

    Messages:
    19,252
    There's nothing you CAN do.
    Once the pods are fully ripe and our replacements are ready to take our place it's too late.
     
  6. Guest Guest Advertisement



    to hide all adverts.
  7. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    Nice for you... what about ME an my embrassin PM's that might get posted

    Please Register or Log in to view the hidden image!

     
  8. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    Well... at least i can try an mitigate damages.!!!
    To whome it may concern:::

    In the PM whare i called someone "creepy"... i was just expressin my true feelins.!!!

    HTH <------
     
  9. rpenner Fully Wired Valued Senior Member

    Messages:
    4,833
    1) Don't use that site.
    2) Don't panic.

    Based on the evidence at http://www.sarahdream.com/encyclopedia/index.php/Main_Page it LOOKS like nothing much more is going than a reverse caching proxy + rewrite of pages. Notice that the IP given at top of page is not your IP as one would expect from a fully-functional copy, but instead is the IP address of www.sarahdream.com.

    Likewise, they don't gzip-compress the web traffic, and are nginx-based as opposed to Apache-based.

    Thus there is no evidence that non-public content, including database access, has been accessed.

    However... because it is a proxy, there is also no evidence that it is not harvesting your login information if you choose to log in at that site.

    Also, there is an ad inserted on the main page, which may try and load malware just by viewing the image, so do not click and do not go to the page.
    <br><p align="center"><a href="http://www.anrdoezrs.net/click-8029162-10641872-1440771929000" target="_top"> <img src="http://www.awltovhc.com/image-8029162-10641872-1440771929000" width="120" height="240" alt="AVG Internet Security " border="0"/></a></p><br>

    Both URLs are registered by markmonitor.com which is its own registrar (!!) and claims to be anti-phishing -- so it MAY be a bad actor or it MAY be part of a pitch to demonstrated phishing. The serial redirects suggest the former -- the fact that all URLs point to domains registered to ValueClick or https://en.wikipedia.org/wiki/Conversant suggest the latter. No reason it can't be both.

    Don't use that site.
     
    Last edited: Apr 7, 2016
  10. Bells Staff Member

    Messages:
    24,270
    No one cares, dude.

    You keep going on about your PM's. No one really cares what you have to say about them in your PM's. Just as I am sure you don't care about what others have to say about you in their PM's.

    Please Register or Log in to view the hidden image!

     
  11. Magical Realist Valued Senior Member

    Messages:
    16,742
    Information is so wild and unruly.
    I care. I think it's hilarious. I wanna know what he said about who!
     
  12. Kittamaru Ashes to ashes, dust to dust. Adieu, Sciforums. Valued Senior Member

    Messages:
    13,938
    Hard to say without the ability to really dig into it... I would suggest acting as though they were able to get a full image of Sciforums.com (ergo, change your password here, if you use the same password or username elsewhere, change that password as well). and obviously do not attempt to log into that site.

    It is interesting... it is updating every so often, but not in real time (or even every few minutes - my guess is once an hour or so?) - certain bits of info, like the online users, the profile post sidebar, etc suggest exactly what rpenner said - a simple "catch and display" of what is happening here. To what end... well, that is anyone's guess.
     
  13. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    Thanks.!!!
    That its prolly a simple "catch and display" is a relief... an at least this issue is a good reminder not to use the same password for other sites... especialy important sites.!!!
     
  14. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    I have feelins... ya know

    Please Register or Log in to view the hidden image!

     
  15. Bells Staff Member

    Messages:
    24,270
    Expressing my true feelings..

    Please Register or Log in to view the hidden image!



    But seriously, your PM's should be safe. So there is no point stressing about it.
     
  16. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    It is hilarious

    Please Register or Log in to view the hidden image!

    but it cant be posted publicaly so i will make it known by PM to those interested.!!!
     
  17. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    Thanks... i thank we all feel beter after readin Kitts last reply

    Please Register or Log in to view the hidden image!

     
  18. Kittamaru Ashes to ashes, dust to dust. Adieu, Sciforums. Valued Senior Member

    Messages:
    13,938
    Just bare in mind - this is all speculation on my part. Plazma Inferno or someone with access to the back-end servers would be the ones best able to make sure nothing more malicious is at play

    Please Register or Log in to view the hidden image!



    EDIT - Actually... I just thought of something. I have registered a second account here, a throwaway account, to a throwaway email address and a generic password not associated with any of my other accounts.

    Going to try and sign in on that spoof site and see if it works - that should tell me if they are somehow able to get account information (it obviously won't tell me if they have been able to get it in the past, but it's the best I got). If that account works over there... well, we'll know we have a problem

    Please Register or Log in to view the hidden image!



    I'll report my findings tomorrow, probably around 6pm or so (once I'm back from work)
     
    Last edited: Apr 7, 2016
  19. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    I consider3d doin that but didnt want any "sock" issues... shoud be interistin.!!!

    Edit:::

    I went to the other site right after i posted here an my post was thar also.!!!

    Ive done this twice... so if its just makin "cache copies" of this site its doin it perty often.!!!
     
    Last edited: Apr 7, 2016
  20. Kittamaru Ashes to ashes, dust to dust. Adieu, Sciforums. Valued Senior Member

    Messages:
    13,938
    A simple web-crawler bot can trawl the site and update every few minutes (such as Google's spider-bot)
     
  21. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    I figered ther was some sort of program to do it... but its doin it in less than 30 seconds... mayb ther jus that fast.!!!
     
  22. Kittamaru Ashes to ashes, dust to dust. Adieu, Sciforums. Valued Senior Member

    Messages:
    13,938
    Well... shit... I guess I can't test my theory lol... the registration email for the throwaway account never came...
     
  23. cluelusshusbund + Public Dilemma + Valued Senior Member

    Messages:
    8,000
    Bummer... signin up for an email acount can be hard... an besides... the answr you'r experiment provided might have been scary anyhow.!!!

    In the meantime... to the owner of the fake Sci forums:::

    If you do have my private information... contact me an i will offer money not to publish my embrassin stuff.!!!
     
    Last edited: Apr 8, 2016

Share This Page